Linux exposed high-risk vulnerabilities Press Enter key for 70 seconds to gain root privileges
At present, a new vulnerability has once again been exposed in the Linux system, with the vulnerability code CVE-2016-4484. An attacker only needs to press the Enter key for 70 seconds to gain root privileges on the initramfs shell, thus giving the attacker the possibility to crack the Linux device.
It is reported that due to a vulnerability in Linux Unified Key Setup (LUKS), a commonly used variable in Linux, an attacker can decrypt a device running Linux by accessing the shell. At the same time, the attack is also effective against virtual Linux boxen packages in the cloud. In addition, operating systems such as Debian, Ubuntu, and Fedora have also been confirmed to be affected by the vulnerability.
The vulnerability was discovered by Hector Marco, a lecturer at the University of Western Scotland, and Ismael Ripoll, an assistant professor at the University of Technology of Valencia. The two pointed out that since this vulnerability does not require a specific system configuration to trigger, it is highly harmful.
In addition, they said that using the vulnerability, attackers could copy, modify or destroy hard drives, or even set up a network to leak data.
According to reports, this vulnerability is the most harmful to electronic devices equipped with the above-mentioned related operating systems in banks (ATMs), airports, laboratories, libraries and other environments. Fortunately, the researchers said that the vulnerability can be fixed with patches and have developed a contingency plan to prevent hacking.
However, due to the widespread vulnerability, researchers said that the vulnerability will still be exploited until Linux and other systems are fully updated.
How serious is the vulnerability
Authority improvement:
Since boot partitions are generally unencrypted, hackers who exploit the vulnerability can use SetUID to store an executable file, and then use the identity of the local user to execute it to grant authority.
Attackers can also replace the kernel and initrd image.
Information leakage:
Although an attacker cannot directly read the encrypted disk, there are still many things he can do. For example, he could copy the disk to an external device and then use brute force to
DoS attack:
Hackers can delete the content on the disk.
solutions
Although the vulnerability can be easily triggered and has a large impact, its fix is also extremely simple:
First, press the Enter button at the LUKS password prompt window for 70 seconds to check whether there are loopholes in the system.
If there is a vulnerability, check to see if the Linux you are using has a patch released.
© Website copyright and disclaimer
1.[honmau Media] independently owns the copyright of all materials on relevant pages of this website;
2. No one is allowed to copy it without the express written permission of [honmau Media];
3. The articles that do not indicate "honmau Media" on this website are all from the Internet and are only for everyone to learn and refer;
4. If there is any infringement/violation/irregularity, please contact customer service QQ or email to delete it, please understand;
5.[honmau Media] reserves the right to correct, modify and update this statement at any time.legal notice
English
简体中文
繁体中文
